Security News > 2022 > April > Redis, MongoDB, and Elastic: 2022’s top exposed databases

Redis, MongoDB, and Elastic: 2022’s top exposed databases
2022-04-27 08:29

Security researchers have noticed an increase in the number of databases publicly exposed to the Internet, with 308,000 identified in 2021.

In the first quarter of 2022, the amount of exposed databases peaked to 91,200 instances, researchers at threat intelligence and research company Group-IB say in a report shared with BleepingComputer.

Exposing databases on the public face of the internet is in many cases due to misconfiguration.

Tim Bobak, Attack Surface Management Product Lead at Group-IB, told BleepingComputer that the company's solution is limited to checking if the database is exposed or not and it does not have any capability to collect or analyze the content of a database.

Telemetry data gathered this way does not show if the open databases are vulnerable to security flaws or if an unauthorized party accessed them while exposed on the web.

Databases purpose is not only to store the data but also allow immediate and convenient way of sharing this data, its analysis by other team members.


News URL

https://www.bleepingcomputer.com/news/security/redis-mongodb-and-elastic-2022-s-top-exposed-databases/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Mongodb 23 3 52 15 1 71
Redis 4 4 10 15 4 33